티스토리 뷰
반응형
Sometimes we want to find out where in a module the code parsing is done. In the example below, we want to find the code that parses the QuickTime video codecs that are in Windows media player. We know that the codecs support the raw, rle, jpeg, mjpb, and rpza tags, so all we need to do is to search for those tags in our module--in this case, the "quartz.dll" module.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
The OllyEye hunter knows that it should check for the video codec’s tags such as code.equals ("rpza") and that in assembly it should be done with the CMP command that represents it. For this reason, it searches for the CMP command that matches the 'rpza' keyword.
OllyEyev0.1.rar'Reversing tools > 올리 플러그인' 카테고리의 다른 글
| FullDisasm v2.1 (2) | 2009.02.28 |
|---|---|
| StrongOD 0.2.3.322 (0) | 2009.02.28 |
| StrongOD 0.2.3.305 (0) | 2009.02.15 |
| FullDisasm_OllyDbg v2.0 (0) | 2009.02.15 |
| advancedolly1.28 (0) | 2009.01.29 |
| X_CRYPTO v1.2 (0) | 2009.01.17 |
| ODbgScript.1.66.3.VC6 (0) | 2009.01.11 |
댓글
반응형
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
링크
TAG
- OllyScriptEditor
- TTprotect
- PECompact
- Unpacker
- OllyDbg
- 미니 노트북
- ODbgScript
- vmprotect
- exeinfo pe
- Memory Hacking Software
- ollydbg PLUGIN
- 한글화
- ollydbg scripts
- 리버싱은 내운명
- crack
- Themida
- OllyDbg Plugins
- ASProtect 1.32 - 1.41
- Reverse Engineering
- 패처
- 미친소 수입반대
- ProtectionID
- 언패킹
- DUP2
- Unpacking
- 리버스 엔지니어링
- ollydbg mup
- ollydbg ScriptEditor
- StrongOD
- plugin
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 31 |
글 보관함